Role in IT decision-making process:Align Business & IT GoalsCreate IT StrategyDetermine IT NeedsManage Vendor RelationshipsEvaluate/Specify Brands or VendorsOther RoleAuthorize PurchasesNot Involved

Work Phone:

Company:

Company Size:

Industry:

Street Address

City:

Zip/postal code

State/Province:

Country:

Occasionally, we send subscribers special offers from select partners. Would you like to receive these special partner offers via e-mail?YesNo

Your registration with Eweek will include the following free email newsletter(s):News & Views

By submitting your wireless number, you agree that eWEEK, its related properties, and vendor partners providing content you view may contact you using contact center technology. Your consent is not required to view content or use site features.

By clicking on the "Register" button below, I agree that I have carefully read the Terms of Service and the Privacy Policy and I agree to be legally bound by all such terms.

Firefox 3.5 Armed with Privacy Controls

Mozilla adds new privacy features to the latest version of its Firefox browser in response to features in Internet Explorer 8, Apple Safari and Google Chrome. In addition to a Private Browsing mode, Firefox 3.5 has Forget This Site and Clear Recent History capabilities.

In Firefox 3.5, released June 30, Mozilla has added its own version of private browsing to match a feature offered by Google Chrome, Internet Explorer 8 and Safari. But Mozilla took the additional step of adding a Clear Recent History tool and a Forget This Site feature to bring more layers of privacy to its users.

When private browsing is enabled, nothing a user encounters on the Web will be stored from that moment on during the browsing session. The problem with private browsing modes, however, is that they require users to know ahead of time that they want to be private, said Johnathan Nightingale, Mozilla's "human shield" (aka security expert).

Further reading

"Sometimes the history you want to get rid of is browsing you've already done," Nightingale said. "That's why we've also included the Clear Recent History tool ... You can ask us to clear the last hour, the last day or even clear everything, and when you do, we will clear it everywhere. Our power users could always do this, deleting their cookies and their history and their downloads manually, but this tool gives you a single click to clear it all.

"Likewise, when the browsing you want to get rid of is a particular site instead of a particular time frame, we have added a tool called 'Forget About This Site' that allows you to right-click on any entry in your history, and tell Firefox to forget everything it knows about that site, as though you'd never visited it," he added.

In addition to the privacy controls, Mozilla fixed a few bugs and added HTTP Access Control to enable site authors to control who accesses content they put online.

"As people start putting new content online like open video and downloadable fonts (both supported in Firefox 3.5), this will let them control how those are used by third parties," Nightingale said.

Looking ahead, Mozilla has started working on a feature called CSP (Content Security Policy) to fight cross-site scripting. In order to differentiate legitimate content from injected or modified content, CSP requires that all JavaScript for a page be loaded from an external file and served from an explicitly approved host.

"This means that all inline script, JavaScript: URIs and event-handling HTML attributes will be ignored," Brandon Sterne, security program manager at Mozilla, blogged June 19. "Only script included via a <script> tag pointing to a white-listed host will be treated as valid. Additionally, CSP allows several other common-sense security restrictions to be enforced."